cy.utoke.b0tnet.com Open in urlscan Pro
43.153.106.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lihi.cc/bDYp4
Effective URL:
https://cy.utoke.b0tnet.com/bill
Submission: On November 24 via api (November 24th 2023, 2:06:13 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 43.153.106.5, located in United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is cy.utoke.b0tnet.com.
TLS certificate: Issued by R3 on November 23rd 2023. Valid for: 3 months.

This is the only time cy.utoke.b0tnet.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cyprus Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:436a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	43.153.25.225 43.153.25.225	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
13	43.153.106.5 43.153.106.5	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
13	1

1 2606:4700:3033::6815:436a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lihi.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.153.25.225 (United States) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hustink.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 43.153.106.5 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

cy.utoke.b0tnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	b0tnet.com cy.utoke.b0tnet.com	240 KB
1	hustink.online 1 redirects hustink.online	117 B
1	lihi.cc 1 redirects lihi.cc	996 B
13	3

	Domain	Requested by
13	cy.utoke.b0tnet.com	cy.utoke.b0tnet.com
1	hustink.online	1 redirects
1	lihi.cc	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
www.cypruspost.post
www.cytacom.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
cy.utoke.ocry.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cy.utoke.b0tnet.com/bill
Frame ID: 65E8B8051055D773EDA37320D905DE45
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Αρχική Σελίδα

Page URL History Show full URLs

https://lihi.cc/bDYp4 HTTP 302
https://hustink.online/08ag2E HTTP 302
https://cy.utoke.b0tnet.com/bill Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

1
Countries

240 kB
Transfer

551 kB
Size

8
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cypruspost.post/el/home
Title: Αρχική Σελίδα

Search URL Search Domain Scan URL

URL: https://www.cypruspost.post/el/e-shop-categories
Title: €0.00

Search URL Search Domain Scan URL

URL: https://www.cypruspost.post/el/login
Title: Σύνδεση

Search URL Search Domain Scan URL

URL: https://www.cypruspost.post/

Search URL Search Domain Scan URL

URL: http://www.cytacom.com/
Title: Cytacom Solutions Ltd

Search URL Search Domain Scan URL

URL: https://www.cypruspost.post/uploads/docs/d3b6f38bfe.pdf
Title: Δήλωση Ιδιωτικού Απορρήτου

Search URL Search Domain Scan URL

URL: https://www.cypruspost.post/el/site-map
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.facebook.com/postcyprus/

Search URL Search Domain Scan URL

URL: https://twitter.com/cypruspost?lang=en

Search URL Search Domain Scan URL

URL: https://www.instagram.com/post.cyprus/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lihi.cc/bDYp4 HTTP 302
https://hustink.online/08ag2E HTTP 302
https://cy.utoke.b0tnet.com/bill Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request bill Show response cy.utoke.b0tnet.com/ Redirect Chain https://lihi.cc/bDYp4 https://hustink.online/08ag2E https://cy.utoke.b0tnet.com/bill	5 KB 1 KB	421ms 105ms	Document text/html	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/bill Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `f2fdee7afb7ef6b7391750a2c0ec60aefec287b2c6bc0d6f4c10d6c6e73b2373` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html;charset=utf-8 date Fri, 24 Nov 2023 14:06:08 GMT server nginx vary Accept-Encoding Redirect headers cache-control no-cache content-length 0 content-type text/html;charset=utf-8 date Fri, 24 Nov 2023 14:06:07 GMT location https://cy.utoke.b0tnet.com/bill server nginx
GET H2	200	f6170fbbJ36E5.css cy.utoke.b0tnet.com/assets/	908 B 1 KB	105ms 104ms	Stylesheet text/css	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/f6170fbbJ36E5.css Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/bill Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `b179ab217c3bb968b67eae1ebb55b56f73a543964699c64e70f582f0304ea536` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:08 GMT last-modified Tue, 21 Nov 2023 07:42:18 GMT server nginx x-cache MISS content-type text/css cache-control max-age=60 accept-ranges bytes content-length 908 expires Fri, 24 Nov 2023 14:07:08 GMT
GET H2	200	base64.min.js Show response cy.utoke.b0tnet.com/admin/	5 KB 2 KB	106ms 105ms	Script application/javascript	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/admin/base64.min.js Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/bill Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `72d03430daa72d33ab2162785decdb48d0c37dd10c4231c421d45ca0ef007a8b` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:08 GMT content-encoding gzip last-modified Mon, 14 Aug 2023 10:16:56 GMT server nginx vary Accept-Encoding x-cache MISS content-type application/javascript cache-control max-age=60 expires Fri, 24 Nov 2023 14:07:08 GMT
GET H2	200	jquery.min.js Show response cy.utoke.b0tnet.com/admin/	88 KB 34 KB	210ms 210ms	Script application/javascript	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/admin/jquery.min.js Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/bill Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:08 GMT content-encoding gzip last-modified Mon, 14 Aug 2023 10:17:10 GMT server nginx vary Accept-Encoding x-cache MISS content-type application/javascript cache-control max-age=60 expires Fri, 24 Nov 2023 14:07:08 GMT
GET H2	200	zero.min.js Show response cy.utoke.b0tnet.com/admin/	3 KB 2 KB	311ms 311ms	Script application/javascript	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/admin/zero.min.js Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/bill Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `42276d697db885fb7a9d541aa4dc1c1cb03422e5838e86543084e90ea392a51b` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:08 GMT content-encoding gzip last-modified Thu, 22 Jun 2023 11:26:12 GMT server nginx vary Accept-Encoding x-cache MISS content-type application/javascript cache-control max-age=60 expires Fri, 24 Nov 2023 14:07:08 GMT
GET H2	200	df8f8472J36E5.css cy.utoke.b0tnet.com/assets/	318 KB 67 KB	212ms 211ms	Stylesheet text/css	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/admin/zero.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `df8f8472ce3a177cc6bbd7df87fb353694af7b6ea4e3c8bc386ce26998e1cfe7` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT content-encoding gzip last-modified Tue, 21 Nov 2023 06:34:08 GMT server nginx vary Accept-Encoding x-cache MISS content-type text/css cache-control max-age=60 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	4cd1ec68J36E5.css cy.utoke.b0tnet.com/assets/	323 B 497 B	105ms 104ms	Stylesheet text/css	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/4cd1ec68J36E5.css Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/admin/zero.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:34:04 GMT server nginx x-cache MISS content-type text/css cache-control max-age=60 accept-ranges bytes content-length 323 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	e9841a77J36E5.css cy.utoke.b0tnet.com/assets/	389 B 563 B	105ms 105ms	Stylesheet text/css	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/e9841a77J36E5.css Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/admin/zero.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `e9841a77f4566e799dbcc67059041cd351a5cdb626be21b2db57b8c0ad660021` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:34:10 GMT server nginx x-cache MISS content-type text/css cache-control max-age=60 accept-ranges bytes content-length 389 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	42.jpg cy.utoke.b0tnet.com/layout/images/	11 KB 11 KB	314ms 314ms	Image image/jpeg	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://cy.utoke.b0tnet.com/layout/images/42.jpg Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/admin/zero.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `bb294527084a587d72af4febafeae1bf8eafa491b869956047f357190dc001f6` Request headers accept-language en-US,en;q=0.9 Referer https://cy.utoke.b0tnet.com/bill User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:35:06 GMT server nginx x-cache MISS content-type image/jpeg cache-control max-age=60 accept-ranges bytes content-length 10817 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	258c8261J36E5.woff2 cy.utoke.b0tnet.com/assets/	9 KB 9 KB	212ms 208ms	Font application/octet-stream	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/258c8261J36E5.woff2 Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `258c82612dc0e5a8dc1e7042a2e7eb7dbe544b04afc591f2b7b37c96cecb3f99` Request headers Referer https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Origin https://cy.utoke.b0tnet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:34:28 GMT server nginx x-cache MISS content-type application/octet-stream cache-control max-age=60 content-disposition attachment; filename="258c8261J36E5.woff2" accept-ranges bytes content-length 9388 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	fe185d11J36E5.woff2 cy.utoke.b0tnet.com/assets/	18 KB 18 KB	106ms 105ms	Font application/octet-stream	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/fe185d11J36E5.woff2 Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c` Request headers Referer https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Origin https://cy.utoke.b0tnet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:34:34 GMT server nginx x-cache MISS content-type application/octet-stream cache-control max-age=60 content-disposition attachment; filename="fe185d11J36E5.woff2" accept-ranges bytes content-length 18028 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	441e2360J36E5.woff2 cy.utoke.b0tnet.com/assets/	18 KB 18 KB	107ms 106ms	Font application/octet-stream	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/441e2360J36E5.woff2 Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709` Request headers Referer https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Origin https://cy.utoke.b0tnet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:34:30 GMT server nginx x-cache MISS content-type application/octet-stream cache-control max-age=60 content-disposition attachment; filename="441e2360J36E5.woff2" accept-ranges bytes content-length 18664 expires Fri, 24 Nov 2023 14:07:09 GMT
GET H2	200	2adefcbcJ36E5.woff2 cy.utoke.b0tnet.com/assets/	75 KB 76 KB	107ms 106ms	Font application/octet-stream	43.153.106.5 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://cy.utoke.b0tnet.com/assets/2adefcbcJ36E5.woff2 Requested by Host: cy.utoke.b0tnet.com URL: https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.153.106.5 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers Referer https://cy.utoke.b0tnet.com/assets/df8f8472J36E5.css Origin https://cy.utoke.b0tnet.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:06:09 GMT last-modified Tue, 21 Nov 2023 06:34:18 GMT server nginx x-cache MISS content-type application/octet-stream cache-control max-age=60 content-disposition attachment; filename="2adefcbcJ36E5.woff2" accept-ranges bytes content-length 77160 expires Fri, 24 Nov 2023 14:07:09 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cyprus Post (Transportation)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lihi.cc/	1970-01-21 02:03:14	Name: redirect_id Value: eyJpdiI6Im9kR3djellBWExiUGtUZkl6a2hub0E9PSIsInZhbHVlIjoiV3R6VVhrdmZyKzduNEk3SnhMbHdpYTdJQXZKaTZWeXlGa2dZQ0ZreWR4eTIxQ3hcL0p6SXVOb0lCN2psOWFRYmQiLCJtYWMiOiJkMmI4MWFjYjcwOWEwMGRiY2QxNmFhMjY5NTcxYWIxNzU1M2ZiNDY1NmZhOWE1MzIwMjVjOGIyNGRiY2JmMmE3In0%3D
lihi.cc/	1970-01-20 16:27:14	Name: lihi_session Value: eyJpdiI6Ik1LN3pUXC82OW0rWmJCMXBoQU45MzNRPT0iLCJ2YWx1ZSI6IjFMQVJOakZvNHA2YnRZXC8zSnh0anFtdXhQS3VJY3hFQmxBV0E5M0dQTkVpRGt6dGJmc2QrUUhTTm51OTJnVWRkIiwibWFjIjoiMGY5ZjllYzQwZTVlMDY0NzBkNDdkZWZmNWFkN2I1Y2UwNDQxZDMwOWZjZDMyNTIxYTZiNzA0ZDU2NDNmZWM2NSJ9
cy.utoke.b0tnet.com/	1970-01-20 16:28:41	Name: uv Value: 67bba0fc7d407ccfe5ec21c3aed4e677
cy.utoke.b0tnet.com/	1970-01-20 16:28:41	Name: wss Value: wss%3A%2F%2Fcy.utoke.b0tnet.com%2Fwss
cy.utoke.b0tnet.com/	1970-01-20 16:28:41	Name: maxClick Value: 1000
cy.utoke.b0tnet.com/	1970-01-20 16:28:41	Name: change Value: 1
cy.utoke.b0tnet.com/	1970-01-20 16:28:41	Name: heatBeat Value: 25
cy.utoke.b0tnet.com/	1970-01-20 16:28:41	Name: errorLink Value: https%3A%2F%2Fgoogle.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cy.utoke.b0tnet.com
hustink.online
lihi.cc
2606:4700:3033::6815:436a
43.153.106.5
43.153.25.225
258c82612dc0e5a8dc1e7042a2e7eb7dbe544b04afc591f2b7b37c96cecb3f99
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
42276d697db885fb7a9d541aa4dc1c1cb03422e5838e86543084e90ea392a51b
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64
72d03430daa72d33ab2162785decdb48d0c37dd10c4231c421d45ca0ef007a8b
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
b179ab217c3bb968b67eae1ebb55b56f73a543964699c64e70f582f0304ea536
bb294527084a587d72af4febafeae1bf8eafa491b869956047f357190dc001f6
df8f8472ce3a177cc6bbd7df87fb353694af7b6ea4e3c8bc386ce26998e1cfe7
e9841a77f4566e799dbcc67059041cd351a5cdb626be21b2db57b8c0ad660021
f2fdee7afb7ef6b7391750a2c0ec60aefec287b2c6bc0d6f4c10d6c6e73b2373
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

cy.utoke.b0tnet.com Open in urlscan Pro 43.153.106.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

1 IPs

1 Countries

240 kBTransfer

551 kBSize

8 Cookies

10 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

8 Cookies

Indicators

cy.utoke.b0tnet.com Open in urlscan Pro
43.153.106.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

1
Countries

240 kB
Transfer

551 kB
Size

8
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!